package com.adong.crowd.mvc.interceptor;

import com.adong.crowd.constant.CrowdConstant;
import com.adong.crowd.entity.Admin;
import com.adong.crowd.exception.AccessForbiddenException;
import com.adong.crowd.exception.LoginFailedException;
import com.adong.crowd.util.CrowdUtil;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

/**
 * 配置了SpringSecurity后就不再使用
 * 拦截器,用来拦截除了登录等以外的其他请求
 */
public class LoginInterceptor extends HandlerInterceptorAdapter {

    /*
    请求发生前处理
     */
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        HttpSession session = request.getSession();
        Admin admin = (Admin) session.getAttribute(CrowdConstant.ATTR_NAME_LOGIN_ADMIN);
        // session没有对象包异常
        if (admin == null) {
            throw new AccessForbiddenException(CrowdConstant.MESSAGE_ACCESS_FORBIDEN);
        }
        //
        return true;
    }
}
